<!DOCTYPE html>
<html>
  <head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport">
  <meta name="description" content="JinYan&#39;s blog">
  <meta name="keyword" content="hexo-theme, vuejs">
  
    <link rel="shortcut icon" href="/blog/css/images/logo.jpg">
  
  <title>
    
      Key Points of Enterprise Security Work | SanYuanEmpire
    
  </title>
  <link href="//cdn.bootcss.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet">
  <link href="//cdn.bootcss.com/nprogress/0.2.0/nprogress.min.css" rel="stylesheet">
  <link href="//cdn.bootcss.com/highlight.js/9.12.0/styles/tomorrow.min.css" rel="stylesheet">
  <link rel="stylesheet" href="/blog/css/style.css">
<link rel="stylesheet" href="/blog/css/plugins/gitment.css">
  <script src="//cdn.bootcss.com/jquery/3.2.1/jquery.min.js"></script>
  <script src="//cdn.bootcss.com/geopattern/1.2.3/js/geopattern.min.js"></script>
  <script src="//cdn.bootcss.com/nprogress/0.2.0/nprogress.min.js"></script>
  <script src="/blog/js/qrious.js"></script>
<script src="/blog/js/gitment.js"></script>
  
  
    <!-- MathJax support START -->
    <script type="text/x-mathjax-config">
      MathJax.Hub.Config({
        tex2jax: {
          inlineMath: [ ['$','$'], ["\\(","\\)"]  ],
          processEscapes: true,
          skipTags: ['script', 'noscript', 'style', 'textarea', 'pre', 'code']
        }
      });
    </script>

    <script type="text/x-mathjax-config">
      MathJax.Hub.Queue(function() {
        var all = MathJax.Hub.getAllJax(), i;
        for (i=0; i < all.length; i += 1) {
          all[i].SourceElement().parentNode.className += ' has-jax';
        }
      });
    </script>
    <script type="text/javascript" src="//cdn.bootcss.com/mathjax/2.7.1/latest.js?config=TeX-AMS-MML_HTMLorMML"></script>
    <!-- MathJax support END -->
  


</head>

  <body>
    <header class="header fixed-header">
  <div class="header-container">
    <a class="home-link" href="/blog/">
      <div class="logo"></div>
      <span>SanYuanEmpire</span>
    </a>
    <ul class="right-list">
      
        <li class="list-item">
          
            <a href="/blog/" class="item-link">Home</a>
          
        </li>
      
        <li class="list-item">
          
            <a href="/blog/archives/" class="item-link">Archives</a>
          
        </li>
      
    </ul>
    <div class="menu">
      <span class="icon-bar"></span>
      <span class="icon-bar"></span>
      <span class="icon-bar"></span>
    </div>
    <div class="menu-mask">
      <ul class="menu-list">
        
          <li class="menu-item">
            
              <a href="/blog/" class="menu-link">Home</a>
            
          </li>
        
          <li class="menu-item">
            
              <a href="/blog/archives/" class="menu-link">Archives</a>
            
          </li>
        
      </ul>
    </div>
  </div>
</header>

    <div id="article-banner">
  <h2>Key Points of Enterprise Security Work</h2>
  <p class="post-date">2018-09-04</p>
  <div class="arrow-down">
    <a href="javascript:;"></a>
  </div>
</div>
<main class="app-body flex-box">
  <!-- Article START -->
  <article class="post-article">
    <section class="markdown-content"><ul>
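<li>Security early-warning system</li>
<li>Security monitoring system</li>
<li>Security defense system</li>
<li>Security assessment system</li>
<li>Security audit system</li>
<li>Standards, specifications and processes</li>
<li>Security communication and training</li>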
</ul>
<h1 id="办公网络安全"><a href="#办公网络安全" class="headerlink" title="办公网络安全"></a>Office Network Security</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Periodic security assessments and simulated penetration tests (penetration/audit toolkits, penetration/audit processes/steps)</span><br><span class="line">Detection of reverse-connecting backdoors (Websense)</span><br><span class="line">Network intrusion detection system: IDS/Snort/Suricata</span><br><span class="line">Network traffic monitoring system: Ntop</span><br><span class="line">Network antivirus system: Symantec/NOD32</span><br><span class="line">Unified patch management system: WSUS</span><br><span class="line">Network access control system: NAC/Leagsoft (联软)</span><br><span class="line">Traffic/bandwidth control system: TC/HTB/Iptables</span><br><span class="line">Network access control: Vlan/ACL/Iptables (HR/Finance/Mgmt, TEST/DEV, AD/MAIL/SVN/WIKI/Exchange)</span><br><span class="line">Firewall (FW) / intrusion prevention system (IPS) (office network egress ACLs, IT server room port mappings/egress ACLs)</span><br><span class="line">Wireless network security</span><br><span class="line">VPN security (account/permission approval and record keeping, periodic audits, VPN User Group/Vlan/ACL, RSA two-factor authentication)</span><br><span class="line">Mail security (anti-spam, anti-virus for mail with ClamAV, content filtering system)</span><br><span class="line">Monitoring and management of accounts/permissions/logon scope for important servers in the AD domain; weak-password audits</span><br><span class="line">Audits of database accounts, passwords and permissions</span><br><span class="line">Honeypot network (Honeynet)</span><br><span class="line">Centralized log audit system: Ossec/Splunk</span><br><span class="line">Incident response process for internal-network viruses/worms</span><br><span class="line">Building a unified account authentication system (AD)</span><br></pre></td></tr></table></figure>
<h1 id="内网安全管理制度"><a href="#内网安全管理制度" class="headerlink" title="内网安全管理制度"></a>Intranet Security Management Policies</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Commissioning/decommissioning process for IT server room servers</span><br><span class="line">Account/permission approval process for IT servers</span><br><span class="line">VPN account/permission approval process</span><br><span class="line">Approval process for opening network ACLs in the IT server room</span><br><span class="line">Employee internet usage policy (P2P/sensitive information)</span><br><span class="line">Password security standards and management rules</span><br><span class="line">Information security classification and confidentiality policy</span><br><span class="line">Standards for encryption, storage and transmission of important data / 铁卷</span><br></pre></td></tr></table></figure>
<h1 id="生产网络安全"><a href="#生产网络安全" class="headerlink" title="生产网络安全"></a>Production Network Security</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Periodic security assessments and simulated penetration tests (penetration/audit toolkits, penetration/audit processes/steps)</span><br><span class="line">Network intrusion detection system: IDS/Snort/Suricata</span><br><span class="line">Detection of reverse-connecting trojans on systems</span><br><span class="line">Centralized log audit system: Ossec/Splunk (secure/message)</span><br><span class="line">Website vulnerability detection system (system/network-level security scanning, web-application-level security scanning for XSS/CSRF/SQL injection, detection of other risky admin back ends, manual penetration testing)</span><br><span class="line">Detection system for malicious code planted on websites (principle: signature/behavior-based detection; scope: internal sites/partner sites)</span><br><span class="line">Firewall (FW) / intrusion prevention system (IPS)</span><br><span class="line">Web application firewall (WAF)</span><br><span class="line">Website anti-CC-attack system (DDoS)</span><br><span class="line">DDoS protection (volumetric/connection-based) (DDoS attack response process, traffic diversion with CiscoGuard, Ntop/Netflow)</span><br><span class="line">Network antivirus system: Symantec/NOD32</span><br><span class="line">Unified patch management system: WSUS</span><br><span class="line">Jump server/bastion host deployment (account/permission approval and activity log auditing, RSA two-factor authentication, centralized management, authorization, auditing)</span><br><span class="line">Security zone segmentation of the production network / ACL policy (CoreDB Intra-System/CRm Admin domain/DNS/Syslog/NTP Product DEV/BETA DMZ)</span><br><span class="line">SOC/SIEM security operations center (OSSIM) (security information early warning, security event monitoring, security event tracking)</span><br></pre></td></tr></table></figure>
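<h1 id="安全事件应急响应"><a href="#安全事件应急响应" class="headerlink" title="安全事件应急响应"></a>Security Incident Response</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Incident response process (intrusions, DDoS (TCP Syn ICMP/UDP CC), viruses/worms)</span><br><span class="line">Incident response toolkit (Pentest penetration testing toolkit, static toolkit)</span><br><span class="line">Periodic security audits of servers/network devices/security devices/databases (list of valid accounts, weak-password audits, permission audits, ACL access control, activity log audits, security audits of the devices' own configuration)</span><br><span class="line">IDC-related policies/rules/standards (commissioning and decommissioning process for production servers/network devices; approval process for opening ACLs for IDC boundary ports/internal cross-access; approval process for server/network device accounts, permissions and actions; security hardening standards for systems, network and security devices; encryption/decryption rules and processes for storage and transmission of important data)</span><br><span class="line">Security communication, sharing and training (sharing/discussion within the department, cross-department training (operations/QA/DEV), company-wide security habits/awareness/tips)</span><br></pre></td></tr></table></figure>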
<h1 id="业务应用安全"><a href="#业务应用安全" class="headerlink" title="业务应用安全"></a>Business Application Security</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Periodic security assessments and simulated penetration tests (penetration/audit toolkits, penetration/audit processes/steps)</span><br><span class="line">Website vulnerability detection system (system/network-level security scanning, web-application-level security scanning for XSS/CSRF/SQL injection, detection of other risky admin back ends, manual penetration testing)</span><br><span class="line">Secure coding standards for development (Java/PHP/ASP/ASP.net/Python/JavaScript coding standards)</span><br><span class="line">Standardization of application software and frameworks / version rules / secure configuration standards</span><br><span class="line">Unified security management of application admin back ends (internal systems (unified account authentication system), external systems)</span><br><span class="line">Account/password audits of application systems</span><br><span class="line">Web application firewall (WAF)</span><br><span class="line">Web shell detection</span><br><span class="line">Centralized, unified front-end Proxy/Nginx</span><br><span class="line">Detection system for malicious code planted on websites (principle: signature/behavior-based detection; scope: internal sites/partner sites)</span><br><span class="line">Security testing rules/process for website application releases</span><br><span class="line">Website application security (malicious registration, spam)</span><br><span class="line">Countering phishing sites</span><br><span class="line">Centralized log audit system: Ossec/Splunk (access.log)</span><br><span class="line">Website anti-CC-attack system (DDoS)</span><br></pre></td></tr></table></figure>
<h1 id="制度流程规范"><a href="#制度流程规范" class="headerlink" title="制度流程规范"></a>Policies, Processes and Standards</h1><figure class="highlight plain"><table><tr><td class="code"><pre><span class="line">Intranet security management policies</span><br><span class="line">Commissioning/decommissioning process for IT server room servers</span><br><span class="line">Account/permission approval process for IT servers</span><br><span class="line">VPN account/permission approval process</span><br><span class="line">Approval process for opening network ACLs in the IT server room</span><br><span class="line">Employee internet usage policy (P2P/sensitive information)</span><br><span class="line">Password security standards and management rules</span><br><span class="line">Information security classification and confidentiality policy</span><br><span class="line">Standards for encryption, storage and transmission of important data / 铁卷</span><br><span class="line">IDC-related policies/rules/standards (commissioning and decommissioning process for production servers/network devices; approval process for opening ACLs for IDC boundary ports/internal cross-access; approval process for server/network device accounts, permissions and actions; security hardening standards for systems, network and security devices; encryption/decryption rules and processes for storage and transmission of important data)</span><br><span class="line">Standardization of application software and frameworks / version rules / secure configuration standards</span><br><span class="line">Secure coding standards for development (Java/PHP/ASP/ASP.net/Python/JavaScript coding standards)</span><br><span class="line">Security-related rules and processes (network port opening policy, vulnerability remediation process, security incident handling process, security testing rules/process for website application releases)</span><br><span class="line">Security communication, sharing and training (sharing/discussion within the department, cross-department training (operations/QA/DEV), company-wide security habits/awareness/tips)</span><br></pre></td></tr></table></figure>
</section>
    <!-- Tags START -->
    
    <!-- Tags END -->
    <!-- NAV START -->
    
  <div class="nav-container">
    <!-- reverse left and right to put prev and next in a more logic postition -->
    
      <a class="nav-left" href="/blog/2018/09/03/Linux-配置使用密钥登录/">
        <span class="nav-arrow">← </span>
        
          Linux: Configuring Key-Based Login
        
      </a>
    
    
      <a class="nav-right" href="/blog/2018/09/04/企业网络安全管理/">
        
          Enterprise Network Security Management
        
        <span class="nav-arrow"> →</span>
      </a>
    
  </div>

    <!-- NAV END -->
    
      <!-- No Comment -->
    
  </article>
  <!-- Article END -->
  <!-- Catalog START -->
  
    <aside class="catalog-container">
  <div class="toc-main">
    <strong class="toc-title">Catalog</strong>
    
      <ol class="toc-nav"><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#办公网络安全"><span class="toc-nav-text">Office Network Security</span></a></li><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#内网安全管理制度"><span class="toc-nav-text">Intranet Security Management Policies</span></a></li><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#生产网络安全"><span class="toc-nav-text">Production Network Security</span></a></li><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#安全事件应急响应"><span class="toc-nav-text">Security Incident Response</span></a></li><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#业务应用安全"><span class="toc-nav-text">Business Application Security</span></a></li><li class="toc-nav-item toc-nav-level-1"><a class="toc-nav-link" href="#制度流程规范"><span class="toc-nav-text">Policies, Processes and Standards</span></a></li></ol>
    
  </div>
</aside>
  
  <!-- Catalog END -->
</main>

<script>
  (function () {
    var url = 'git@gitee.com:sanyuanempire/blog.git/2018/09/04/企业安全工作要点/';
    var banner = ''
    if (banner !== '' && banner !== 'undefined' && banner !== 'null') {
      $('#article-banner').css({
        'background-image': 'url(' + banner + ')'
      })
    } else {
      $('#article-banner').geopattern(url)
    }
    $('.header').removeClass('fixed-header')

  })();
</script>


    <div class="scroll-top">
  <span class="arrow-icon"></span>
</div>
    <footer class="app-footer">
  <p class="copyright">
    &copy; 2018 | Proudly powered by <a href="https://sanyuanempire.gitee.io/blog" target="_blank">JinYan</a>
    <br>
    Theme by <a href="https://sanyuanempire.gitee.io/blog">JinYan</a>
  </p>
</footer>

<script>
  function async(u, c) {
    var d = document, t = 'script',
      o = d.createElement(t),
      s = d.getElementsByTagName(t)[0];
    o.src = u;
    if (c) { o.addEventListener('load', function (e) { c(null, e); }, false); }
    s.parentNode.insertBefore(o, s);
  }
</script>
<script>
  async("//cdn.bootcss.com/fastclick/1.0.6/fastclick.min.js", function(){
    FastClick.attach(document.body);
  })
</script>

<script>
  var hasLine = 'true';
  async("//cdn.bootcss.com/highlight.js/9.12.0/highlight.min.js", function(){
    $('figure pre').each(function(i, block) {
      var figure = $(this).parents('figure');
      if (hasLine === 'false') {
        figure.find('.gutter').hide();
      }
      var lang = figure.attr('class').split(' ')[1] || 'code';
      var codeHtml = $(this).html();
      var codeTag = document.createElement('code');
      codeTag.className = lang;
      codeTag.innerHTML = codeHtml;
      $(this).attr('class', '').empty().html(codeTag);
      figure.attr('data-lang', lang.toUpperCase());
      hljs.highlightBlock(block);
    });
  })
</script>
<!-- Baidu Tongji -->

<script src="/blog/js/script.js"></script>

  </body>
</html>